CVE-2026-5844

A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been...

D-Link DIR-882 操作系统命令注入漏洞

The D-Link DIR-882 is a dual-band wireless router produced by D-Link Corporation. The D-Link DIR-882 version 1.01B02 has a vulnerability related to operating system command injection. This vulnerability stems from an error in the sprintf function in the prog.cgi file within the HNAP1...

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

PT-2025-52857

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18 Description A flaw exists in the Tenda WH450 device. This issue affects an unspecified function within the HTTP Request Handler component, specifically related to the file '/goform/CheckTools'. Manipulation of the...

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

CVE-2025-15006 Tenda WH450 HTTP Request CheckTools stack-based overflow

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in the Tenda WH450 version 1.0.0.18, which originates from the incorrect operation of the parameter ipaddress in the file /goform/CheckTools, and could result in a stack buffer overflow...

PT-2025-52619

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18 Description A weakness exists in the Tenda WH450 device. The issue is a stack-based buffer overflow within the HTTP Request Handler component, specifically related to the file '/goform/CheckTools'. Manipulation of...

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

EUVD-2022-39262

Malicious code in bioql PyPI...

CVE-2024-48629

The CVE-2024-48629 entry concerns D-Link DIR-882 and DIR-878 devices (firmware DIR_882_FW130B06 and DIR_878_FW130B08) with a command-injection vulnerability in SetGuestZoneRouterSettings via the IPAddress parameter. Exploitation could allow an attacker to execute arbitrary OS commands through a c...

CVE-2024-48629

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

Advantech iView SQL Injection (CVE-2022-2136)

A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the ipaddress parameter during the updatePROMFile process...